Cities and counties are beefing up their IT security, and that makes sense, says Augustine Boateng, interim chief information officer (CIO) in Memphis, Tenn.
“It’s important to note that local governments have developed a reputation over the years for having lackluster cybersecurity; and not without good reason. As a result, we’re seeing more and more cyberattacks targeting cities, counties, and the like.” Boateng lists the following IT weaknesses that are sometimes found in local government technology departments:
Read more…
Source: American City & County News
Related:
- Mr. Cooper leaks personal data of 14 million loan and mortgage customers
December 19, 2023
A major mortgage and loan company based in Dallas, working under the name Mr. Cooper Group Inc. has released more information on a recent breach. In a data breach notification, the company didn’t say what type of cyberattack caused the compromise of customer data, calling it a rather non-descriptive “External system breach (hacking).” For those unfamiliar ...
- Xfinity discloses a data breach but doesn’t say how many users are affected
December 18, 2023
Xfinity is notifying customers of a “data security incident” it says resulted in the theft of customer information, including usernames, passwords, contact information, and more. In a notice on Monday, Xfinity says “there was unauthorized access” to its systems from October 16th to October 19th, 2023. Xfinity traces the breach to a security vulnerability disclosed by ...
- Coverage Advisory for CVE-2023-50164: Apache Struts Path Traversal and File Upload Vulnerability
December 18, 2023
CVE-2023-50164 is a path traversal flaw that allows a remote attacker to upload malicious files to vulnerable servers. After successful exploitation, an attacker can achieve Remote Code Execution (RCE) on the target server. An attacker exploiting such a vulnerability can access, upload, or modify important files, steal sensitive information, disrupt critical services, or move laterally on ...
- #StopRansomware: Play Ransomware
December 18, 2023
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint CSA to disseminate the Play ransomware group’s IOCs and TTPs identified through FBI investigations as recently as October 2023. Since June 2022, the Play (also known as Playcrypt) ransomware group ...
- Defense Contractor Austal USA Confirms a Cyber Attack by Hunters International Ransomware Group
December 15, 2023
Australian-based American defense contractor Austal USA has confirmed a cyber attack after the Hunters International ransomware group listed the company and shared samples of the stolen data as proof. Austal USA is a Contractor for the US Department of Defense (DOD) and the Department of Homeland Security (DHS), undertaking major U.S. Navy shipbuilding programs. With five ...
- USAF cracks down on ‘need to know’ violations in wake of Discord leaks
December 12, 2023
Just because you’re cleared for secrets doesn’t mean you have a “need to know” them. After hundreds of classified documents were leaked earlier this year, the U.S. Air Force is trying to ensure that airmen clear both bars before they access sensitive information. The service has “implemented several reforms to improve procedures related to need to ...